<?php
// Direct-access guard: stop immediately unless the BASEPATH constant is
// already defined, i.e. unless this file was loaded by the application
// rather than requested on its own. This only blocks direct execution of
// the file; it is not an access control for the controller actions below.
defined('BASEPATH') OR exit('No direct script access allowed');
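/**
 * Agent pages: view a single agent and process the edit, change-password
 * and delete tabs of that page.
 *
 * Security notes for maintainers:
 *  - The constructor requires a logged-in session for every action.
 *  - view() decides authorization once, in _can_access_agent(), before any
 *    agent data is put into the view or modified.
 *  - Helper methods are private and underscore-prefixed so that they are not
 *    reachable as controller actions through a URL.
 */
class Agents extends MY_Controller {

    /**
     * Runs the parent constructor, then enforces the login check inherited
     * from MY_Controller.
     */
    function __construct()
    {
        parent::__construct();
        $this->check_login();
    }

    /**
     * Intentionally empty: there is no agent listing at this URL.
     */
    function index(){}

    /**
     * Shows one agent and dispatches the tab named in the "tab" query parameter.
     *
     * Recognised tabs are "dealerships", "edit", "change_password" and
     * "delete"; anything else falls back to "index". Rendering is not done
     * here; this method only fills $this->view_data and issues redirects.
     *
     * @param mixed $agent_id Agent ID taken from the URL (NULL when absent).
     * @return void
     */
    function view($agent_id = NULL)
    {
        /* The agent might not be found for three reasons:
         *  1. No agent exists with this ID.
         *  2. The agent with this ID was deleted.
         *  3. The ID is invalid (a non-numeric string, or missing and so NULL).
         * All three cases get the same message and a redirect to the home page.
         * A NULL ID skips the lookup entirely.
         */
        $agent = ($agent_id === NULL) ? NULL : User::find_by_id($agent_id);
        if ( ! $agent)
        {
            $this->session->set_flashdata('cryptbox_message', $this->generate_cryptbox_message('error', 'We could not find an agent with this ID.'));
            redirect();
            return; // fail closed even if redirect() does not terminate the request
        }

        // Authorize before loading anything about the agent into the view.
        if ( ! $this->_can_access_agent($agent))
        {
            $this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_PERM_DENIED);
            redirect();
            return; // fail closed even if redirect() does not terminate the request
        }

        $this->view_data['agent'] = $agent;
        $this->view_data['dealerships'] = Dealership::find_all_by_user_id($agent->id);

        // NOTE(review): the view_* group flags checked above are the only gate
        // for the state-changing "edit" and "delete" tabs as well. No separate
        // edit/delete permission is visible in this file -- confirm that read
        // access is really meant to imply write and delete access.
        // NOTE(review): no CSRF token is checked in this controller; confirm
        // the framework-level CSRF protection is enabled for these POST forms.

        // Pick the tab from the query string; unknown values fall through to "index".
        $tab = isset($_GET['tab']) ? $_GET['tab'] : '';
        switch($tab)
        {
            case 'dealerships':
                $this->view_data['tab'] = "dealerships";
                break;
            case 'edit':
                $this->view_data['tab'] = "edit";
                $this->_handle_edit($agent);
                break;
            case 'change_password':
                $this->view_data['tab'] = "change_password";
                $this->_handle_change_password();
                break;
            case 'delete':
                $this->view_data['tab'] = "delete";
                $this->_handle_delete($agent);
                break;
            default:
                $this->view_data['tab'] = "index";
                break;
        }
    }

    /**
     * Decides whether the logged-in user may access the given agent.
     *
     * Access is granted when any one of these holds:
     *  - the user's group may view all agents;
     *  - the group may view agents within the agency and both share an agency ID;
     *  - the group may view its own agent record and the agent IS the user.
     *
     * The last rule previously granted access to every agent as soon as the
     * view_own_agent flag was set, because the identity comparison was missing.
     *
     * @param object $agent Agent record already loaded by view().
     * @return bool TRUE when access is allowed.
     */
    private function _can_access_agent($agent)
    {
        $viewer = $this->LOGGED_IN_USER;
        $group = $viewer->group;

        if ($group->view_all_agents)
        {
            return TRUE;
        }

        // NOTE(review): with a loose comparison two records that both have no
        // agency (NULL == NULL) count as "same agency" -- confirm that is intended.
        if ($group->view_agents_within_agency && $agent->agency_id == $viewer->agency_id)
        {
            return TRUE;
        }

        if ($group->view_own_agent && $agent->id == $viewer->id)
        {
            return TRUE;
        }

        return FALSE;
    }

    /**
     * Returns a POST field as a string, or '' when it is missing or not a string.
     *
     * Request parameters can arrive as arrays (field[]=x); treating those as
     * empty keeps them out of strlen(), the validators and the model.
     *
     * @param string $key POST field name.
     * @return string
     */
    private function _post_string($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Processes the edit form: validates the submitted fields and saves them
     * to the agent. Does nothing unless a POST body is present and valid.
     *
     * @param object $agent Agent record the caller has already authorized.
     * @return void
     */
    private function _handle_edit($agent)
    {
        if ( ! $_POST)
        {
            return;
        }

        $email = $this->_post_string('email');
        if ( ! filter_var($email, FILTER_VALIDATE_EMAIL))
        {
            return;
        }

        // Fields that must be non-empty. address_state is copied as well but,
        // as before, is not required.
        $required = array('first_name', 'last_name', 'address_street', 'address_city', 'address_zip', 'phone');
        $values = array();
        foreach ($required as $field)
        {
            $values[$field] = $this->_post_string($field);
            if (strlen($values[$field]) === 0)
            {
                return;
            }
        }

        // Only this explicit list of attributes is ever written from the request.
        // Values are stored as submitted, so views must escape them on output.
        $agent->email = $email;
        $agent->first_name = $values['first_name'];
        $agent->last_name = $values['last_name'];
        $agent->address_street = $values['address_street'];
        $agent->address_city = $values['address_city'];
        $agent->address_state = $this->_post_string('address_state');
        $agent->address_zip = $values['address_zip'];
        $agent->phone = $values['phone'];
        $agent->save();

        $this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
        // Redirect with the ID from the loaded record rather than echoing the URL input.
        redirect('agents/view/' . $agent->id);
    }

    /**
     * Processes the change-password form for the LOGGED-IN user (not for the
     * agent named in the URL).
     *
     * The current password must verify, the new password must be at least
     * 8 characters with a digit, a lowercase and an uppercase letter, and the
     * confirmation must match exactly. When the current password does not
     * verify, 'old_password_invalid' is set for the view.
     *
     * @return void
     */
    private function _handle_change_password()
    {
        if ( ! $_POST)
        {
            return;
        }

        $old_password = $this->_post_string('old_password');
        $new_password = $this->_post_string('new_password');
        $confirmation = $this->_post_string('new_password_confirmation');

        // The error flag used to be set when the old password was CORRECT
        // (the condition was inverted); it now reports a wrong old password.
        if ( ! $this->validate_password($this->LOGGED_IN_USER->password, $old_password))
        {
            $this->view_data['old_password_invalid'] = TRUE;
            return;
        }

        // Strict comparison: the confirmation must be the identical string.
        if (preg_match('/^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/', $new_password) &&
            $new_password === $confirmation
        ){
            $user = User::find_by_id($this->LOGGED_IN_USER->id);
            // NOTE(review): confirm encrypt_password() is a slow, salted one-way
            // password hash and not reversible encryption.
            $user->password = $this->encrypt_password($new_password);
            $user->save();
            $this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
            redirect('users/my_profile');
        }
    }

    /**
     * Processes the delete confirmation form.
     *
     * On "confirm" the agent's dealerships, their locations and finally the
     * agent are deleted; a user who deletes their own account is sent to the
     * logout URL. On "cancel" the user is returned to the agent page.
     *
     * @param object $agent Agent record the caller has already authorized.
     * @return void
     */
    private function _handle_delete($agent)
    {
        if (isset($_POST['confirm'])) //confirm deletion
        {
            // Decide this before the record is deleted.
            $deleting_self = ($this->LOGGED_IN_USER->id == $agent->id);

            // NOTE(review): the cascade is a series of independent deletes; a
            // failure part-way leaves orphaned rows. Consider a transaction if
            // the model layer offers one.
            foreach (Dealership::find_all_by_user_id($agent->id) as $dealership)
            {
                foreach (Location::find_all_by_dealership_id($dealership->id) as $location)
                {
                    $location->delete();
                }
                $dealership->delete();
            }
            $agent->delete();

            if ($deleting_self) //If user is deleting his own account, log him out
            {
                redirect('users/logout');
                return;
            }
            $this->session->set_flashdata('cryptbox_message', CRYPTBOX_MESSAGE_FORM_SUCCESS);
            redirect();
            return;
        }

        if (isset($_POST['cancel'])) //Cancel deletion
        {
            redirect('agents/view/' . $agent->id);
        }
    }
}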